import * as plugins from '../plugins.js';
import type { MtaService } from './mta.classes.mta.js';
interface Headers {
[key: string]: string;
}
interface IEmailSignJobOptions {
domain: string;
selector: string;
headers: Headers;
body: string;
}
export class EmailSignJob {
mtaRef: MtaService;
jobOptions: IEmailSignJobOptions;
constructor(mtaRefArg: MtaService, options: IEmailSignJobOptions) {
this.mtaRef = mtaRefArg;
this.jobOptions = options;
}
async loadPrivateKey(): Promise<string> {
return plugins.fs.promises.readFile(
(await this.mtaRef.dkimCreator.getKeyPathsForDomain(this.jobOptions.domain)).privateKeyPath,
'utf-8'
);
}
public async getSignatureHeader(emailMessage: string): Promise<string> {
const signResult = await plugins.dkimSign(emailMessage, {
// Optional, default canonicalization, default is "relaxed/relaxed"
canonicalization: 'relaxed/relaxed', // c=
// Optional, default signing and hashing algorithm
// Mostly useful when you want to use rsa-sha1, otherwise no need to set
algorithm: 'rsa-sha256',
// Optional, default is current time
signTime: new Date(), // t=
// Keys for one or more signatures
// Different signatures can use different algorithms (mostly useful when
// you want to sign a message both with RSA and Ed25519)
signatureData: [
{
signingDomain: this.jobOptions.domain, // d=
selector: this.jobOptions.selector, // s=
// supported key types: RSA, Ed25519
privateKey: await this.loadPrivateKey(), // k=
// Optional algorithm, default is derived from the key.
// Overrides whatever was set in parent object
algorithm: 'rsa-sha256',
// Optional signature specifc canonicalization, overrides whatever was set in parent object
canonicalization: 'relaxed/relaxed', // c=
// Maximum number of canonicalized body bytes to sign (eg. the "l=" tag).
// Do not use though. This is available only for compatibility testing.
// maxBodyLength: 12345
},
],
});
const signature = signResult.signatures;
return signature;
}
}